From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0049.outbound.protection.outlook.com [104.47.41.49]) by dpdk.org (Postfix) with ESMTP id 276227CD8 for ; Mon, 22 Jan 2018 14:11:39 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=CAVIUMNETWORKS.onmicrosoft.com; s=selector1-cavium-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=7MzusFHdGekcHNFvmw/ZUNP/JKYaEQxoFv/w1Jhmsnc=; b=kzrn6ioJGmuYhEC1BG5f2zJIEJsrEJOLWINsT9VL+f0OQEVczC75PwrxVDYTwgwId8r0b/U97wPWM6MzUizQ1XUwrF2fgXPd9iNYwmVr/8HIdgi20oo9Mnhhf2kdZq7roRsCB192c9NqVwz2881kexopxGMW8wnGhRRg26L9tM4= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Anoob.Joseph@cavium.com; Received: from ajoseph83.caveonetworks.com (115.113.156.2) by SN2PR0701MB1071.namprd07.prod.outlook.com (2a01:111:e400:341f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.428.17; Mon, 22 Jan 2018 13:11:33 +0000 From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Radu Nicolau , Sergio Gonzalez Monroy Cc: Anoob Joseph , Jerin Jacob , Narayana Prasad , Nelio Laranjeiro , dev@dpdk.org Date: Mon, 22 Jan 2018 13:11:06 +0000 Message-Id: <1516626668-9031-2-git-send-email-anoob.joseph@caviumnetworks.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1516626668-9031-1-git-send-email-anoob.joseph@caviumnetworks.com> References: <1516626668-9031-1-git-send-email-anoob.joseph@caviumnetworks.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [115.113.156.2] X-ClientProxiedBy: MWHPR14CA0068.namprd14.prod.outlook.com (2603:10b6:300:81::30) To SN2PR0701MB1071.namprd07.prod.outlook.com (2a01:111:e400:341f::17) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 809785e9-78d6-4e54-df41-08d56199aaa7 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(4534125)(4602075)(7168020)(4627221)(201703031133081)(201702281549075)(2017052603307)(7153060)(7193020); SRVR:SN2PR0701MB1071; X-Microsoft-Exchange-Diagnostics: 1; SN2PR0701MB1071; 3:kmq30we5bQ+ATysNvqyMqVrNUfMiWmu+hgqFsXO4jg4OcUcWg/DVfcT4jfl8DgJOczb09rb2sSgyof8sVY6Zh7JH7vQ4lEHPP8FWQf2/k4KI7vg2FhtkKra2l72kJw9dXOkNxLgaqSJadPye2WBqb97A/PZnaaj//e1130DX/H2c2brrXt67/WGeo4oiRTozhyq4oueQ7z9rko9R8mKJBtdcAaZtlXjpuxiBwdSVgvyYnX6PwaHY9qaM8e0Tft9b; 25:uIq6iGWvQnF1isQftF7aVJZCrroxU1aotwy4scblkPheCm13byunn7K7fXp06x79Lo4U7g6F1UJM2xPKJqgrTsXit6MPWgQuGayJDGteLZ4IkJ7KqfJE9JfHF61CgkIcLO6D4GtsAQXDk5VKhnMCYsQeXYGg4FUIVUg8QbEYAjxEX060gH7C+AawMVRRxtWIW2Y0tyUFG7Ycd5N58SEX77KE2p7l8//kKe1rNreOjaD1pmdvW5HiIb2zni+SdzUU/kt4DCAIK8cRxdr57uXoVB0p0qTUSH/MNhmLWQu72OZnAv0S2Ick+H7A6hNWaYtIZ9VZAY525zdtitgntYDz5g==; 31:NNXnbpsnOgXFIFli4Iy0I48hqgXsd0at0bAtkmXCaoB0gBoMYSbun01bxx0/R/3m43Xs6GvHEdhZu6Pj3U2DI+hA/srR+PAOJ4ZYsMul0VpnLvwI6wNDH2vtWjD3my03ZRjDit79pY/pWVwQiJog5U15xXbdvn24kcjHLo+099Fr1NbsWqgtnlcD7wBXuwQldofi/rq+ttdHRGg0+3BovAL2M9LUi4Wm+moQ8ZMth/Y= X-MS-TrafficTypeDiagnostic: SN2PR0701MB1071: X-Microsoft-Exchange-Diagnostics: 1; SN2PR0701MB1071; 20:gxr2twOuJCfUV3B4hEhPUbwjDZZr6al5v8jE/ztdnpz2FcoDAgd11anqgA+VxJslEqtEHsXvHsIoi0gT7AHerS2CpcH6rth5efpMB9RdjUaIMHMbtVg5mK73+V+cu0lqX/TiHGYTUZFMZNwuzBbgvIqNXlqNhnuVtFts8eZ5vwW04Zlt7xeMy4mtkhiNBJlfRduSDOhX2KR54XAnwGcajK2mQ9wx9CMO3A0GrSikl/Rgs/Ih43CO/a0NvmtWCbtNvu2pJpgg/8mp9z/LocPg6QSX7q3MSh5M9VTV1ZsXLIcm6FHeqxoF9Q/noNlK3Ftg4Ft+N+i9PMFnJUbJnZ6SCqwwfeIFwENQVi6ZpP8+7+YpkkSUZVXTDYvy1DI5cuUd/HOzo5nhKzRYYZj3ah2nEWVYJG/mmScUaC4EzrwRBCM2Ta1gacbKXYEq3TJIy+6D7KB9KbB9IzPFqpqDe3JvvSDYagtKgduiOXI3DzbT6Zn5sOuhMnRe50CXSAWlHgDYI0uxPDekBM0iuShwOf7hmeg6Gjhs0YxSpKnfu6eWl+vXVct7zwQILb6QkHJv0lgQZ8eoEwKZFblU6NbjgS1H32XpMSxY5fT5wcfQMPewfOQ=; 4:XJCp1ado6aGxUyGMOB/jYVmPmaxqzIcBEcQnmA+rdDOxnwhTDh38n+rpkBHD1NjNT+cZjFHPJhrCTUH7HEIT3YDGrEhZpOyqdZuOTjZjWvpBqVW8A0vAP22cfgtoKQ40vfoTXKhMMgbS4mn1j5qXZuF2sr2zrEzhHk92objw2kTOlqaREfZrs47gL+rOeM7u0DkefegZCpOPDjfEoCUczgmTCiyY9FETf6PldUi5/cnY5jyjZlbNAO7CBpajgF5KL8RU4Dt1Kq6EyDbeHcCofvFnv/oX/joqAiZGTRJDJai+zIerNB3g5f8kUKqvecyr X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(3231023)(2400081)(944501161)(6041288)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:SN2PR0701MB1071; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:SN2PR0701MB1071; X-Forefront-PRVS: 0560A2214D X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39380400002)(376002)(396003)(39850400004)(366004)(346002)(199004)(189003)(6506007)(47776003)(16526018)(69596002)(72206003)(8936002)(8656006)(25786009)(6512007)(3846002)(6116002)(68736007)(53936002)(6486002)(4326008)(386003)(8676002)(15650500001)(66066001)(6666003)(2906002)(55236004)(2950100002)(50466002)(81166006)(36756003)(81156014)(42882006)(110136005)(54906003)(106356001)(16586007)(48376002)(316002)(105586002)(53416004)(478600001)(305945005)(50226002)(7736002)(5660300001)(51416003)(575784001)(97736004)(52116002)(76176011)(26005)(59450400001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN2PR0701MB1071; H:ajoseph83.caveonetworks.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: cavium.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN2PR0701MB1071; 23:F4ej9VJNhioL1GVpuIEk9Nldc6XumrfNEYntDXy?= =?us-ascii?Q?Z6H/NoEPpyUQbMq7ziWoYnkL7DSuUu1VII0W5842Eug/fEapb0J/YWIQ9UXc?= =?us-ascii?Q?oEFM9vgJJgKji9y6NLHdegV+o6vlXuG1BISmtNv+EE2SWoiFm7FOxcepV6Pj?= =?us-ascii?Q?+Sg/enYwymk3zb357oKsoe4tW3/Gj4T+XC94jNGLkuEo5XVzij5jxqXcWKCH?= =?us-ascii?Q?NejGQlhgxeG07p+GE+6t8A3qtRRlYHU+w1Z50eky3ULX+/6wjw0e7FGD9KZy?= =?us-ascii?Q?07ocdX+z1po38nMWQ0nhwGkfHsLmweysi9ZJy5Yf56YTMTYwGkQ7qUMbpeW9?= =?us-ascii?Q?d3L55wQVaHwrJcuRn827i0ho7hEX/U4rtKIW1SAgNwneqa2ZdzfOOhBcQHm+?= =?us-ascii?Q?ZH/kd7uplMEWKvCHVaB8q2FzbbYDJeO6hKMrVPp1ctFrlPzvJIQoXj0udWt7?= =?us-ascii?Q?4O2m8qd7K9Z6cIbNwJQqg1P413bn+O3hfjQsMGIbH3i7FC+TeCoPdMfv9EI+?= =?us-ascii?Q?AiVu9iKPDxYme35OwCphnEzm18CzJAeHoRsJm/Gcu2A+mhcflcKoTf9Z7+/t?= =?us-ascii?Q?YUIxCnmXgb0y7Yea9QZenEcVz0hxCPO1tKV9htgXB86be0HoxaGOyzFEAieI?= =?us-ascii?Q?8EKL4qhM/TL6bk2aaoD9Mz08UdDBbBlDFXzdEwVPKsQNw9sr7ylxucX+Ta4+?= =?us-ascii?Q?K2YBO5yrtgz57p6xZNG8WHHUZ1vrNEapU+C1Jfev6NzccwF39ildhsLo3AIW?= =?us-ascii?Q?GguUh29Sy/ou1mUt6CPeUOEsGcoEtCSpPt/nKj3sC5Gnq5Hb11and7+AYSPN?= =?us-ascii?Q?MvkwAg92qx8TR9WFty65A34yI4NayL4ZTfGpmKiyXYR4OK3Qyj77gGAPS1Pl?= =?us-ascii?Q?8/5iR5Go52JOHGTW5+MVCkMahwjPmxX91iJJQ+sgqPaEHCJLeWb0gJDfCuWC?= =?us-ascii?Q?mmQ9UfhKD1/tyi18vaUJgDUKf7qiHrQBzq0xin+EJA9Qv9d23ATL5CaYSr6Q?= =?us-ascii?Q?z5Ct+grYf+KBj7T3uVf0ktl62Lr3mYNpe2P7YhqB5yJB+NOhiGqDBfEQzdiK?= =?us-ascii?Q?sG7DluWakYw4tbOPF96xuFvBYAUc+VSSXwLHPHxe9ZYyeak7XpNIQ+BOnpnl?= =?us-ascii?Q?fhMJt+/vbJTBdOSXin2ez4o36IaZkCtUv52Svap/axFAQq3ValGSImMmi70j?= =?us-ascii?Q?tx7sBCmuUVaHev/LRCcM1isnUpeI/1nOvSnvqy09AvbpTw3W0IkPdXdReAcE?= =?us-ascii?Q?SFMJzLWnBx+q7t3q9rj/mLt9/jEyyHC8dFlCMtjOSGXzgN9xn/wQjyNw7iW6?= =?us-ascii?Q?A+A=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN2PR0701MB1071; 6:JQVvOv2zhlRfc7Bovo6Is511G274HX8ZCgY3/febsf3+FTIi09v1u3xpx8dParRxCsbrTPkiVdMhthCbqi0vMg+WxqN3LjuZlaGWmPr86YWpF7e2kRETLG4kSNYYXZrb8RGURscRwSU0rQOE9knxErMqWMH0F0FKVz5Psv2Dm/wagkgT7iXYIU91+uIn7oOHWn7ZPwxutcWJvLJQOvuj1h2UskO8vxdd57xJ5V4FMMDsS3aahXlWXWaHp0asnrLcJPXnYTSHxfVyLTx6tcHfnc10jsB7pRlwjNKRxIEWDkHuXGfJWYboc+c9wBPBwGpnn6prs8uLxOl6+jMkanc7DjzIB0YLZzK9otqreTYSmDc=; 5:ZJ9aSiQuBCtcbBkvHUIQZrTROKCM3Tgha/q0IzkbBEWbO25G4iuAchVf4xXMaaBa2ekXv8cg7kqueK/OyuZ1ahzc0ur4dASBueimIPba42/PFLW50VsfxginPEbIt3Y/Y7SDNIrDvV2LrR2I/LdBqGn/yCPs0yvcbsUT6g+fVSw=; 24:SyeVW8cQzI067wwR+GU3Enxar9gWEVQ3uK9qLzBRc2dB3OHAp1Cv0ec3LA4sJuZ/LdurB8eTsoZlkxa/8fKDkHVdA9qu2aqEKyP1XJ/MBfQ=; 7:em6NNxGT37imhpfPVkquERWONj6Me6lTwBhOrBAqrlOEgnb+nQo6pcLefhf73Zf5tTNLc0kEKKzjPQdqziXJ2UXLyxSXG/pOqGuKlANXYnq2DKiLWovmpxqpRfwjTwR/6P5xfbK7JHQAVnMPGF5XLMNzdcl5arUBUC1PFHRD/OnOSIDGmUL1wdr70HUD2DzKTE5IkxE4DMHwETO2xdti56PM/XVRezC+G+X663WZ+T6iiOIgiwQQDT3Y3d7+e1UW SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: caviumnetworks.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jan 2018 13:11:33.3187 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 809785e9-78d6-4e54-df41-08d56199aaa7 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 711e4ccf-2e9b-4bcf-a551-4094005b6194 X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN2PR0701MB1071 Subject: [dpdk-dev] [RFC 1/3] lib/security: set/retrieve per packet protocol metadata X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jan 2018 13:11:39 -0000 This patch enables the application to set & retrieve per packet protocol parameters like seq no, which is required in case of protocol offload. The ability to set/retrieve such data is PMD dependent and the application is expected to use "mdata_flags" while using such fields. Retrieving the sequence number is required to monitor the sequence number overflow in inline IPsec offload. Signed-off-by: Anoob Joseph --- lib/librte_security/rte_security.c | 7 ++-- lib/librte_security/rte_security.h | 66 ++++++++++++++++++++++++++++--- lib/librte_security/rte_security_driver.h | 3 +- 3 files changed, 64 insertions(+), 12 deletions(-) diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c index 5805051..508046b 100644 --- a/lib/librte_security/rte_security.c +++ b/lib/librte_security/rte_security.c @@ -100,12 +100,11 @@ rte_security_session_destroy(struct rte_security_ctx *instance, int rte_security_set_pkt_metadata(struct rte_security_ctx *instance, - struct rte_security_session *sess, - struct rte_mbuf *m, void *params) + struct rte_security_mdata *mdata, + struct rte_mbuf *m) { RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP); - return instance->ops->set_pkt_metadata(instance->device, - sess, m, params); + return instance->ops->set_pkt_metadata(instance->device, mdata, m); } void * diff --git a/lib/librte_security/rte_security.h b/lib/librte_security/rte_security.h index 004a0eb..9d322a8 100644 --- a/lib/librte_security/rte_security.h +++ b/lib/librte_security/rte_security.h @@ -284,6 +284,48 @@ struct rte_security_session { /**< Private session material */ }; +/* IN/OUT flags for IPsec mdata */ + +/** + * IN/OUT flag for sequence number + */ +#define RTE_SECURITY_IPSEC_MDATA_FLAGS_SEQ_NO (1ULL << 0) + +/** + * Metadata for IPsec protocol offload + */ +struct rte_security_ipsec_mdata { + uint64_t seq_no; + /**< Sequence number */ +}; + +/** + * Per packet metadata for protocol offload + */ +struct rte_security_mdata { + struct rte_security_session *sess; + /**< Security session */ + union { + struct rte_security_ipsec_mdata ipsec; + }; + /**< Protocol specific metadata. This field is IN/OUT, and could be + * used for setting and retrieving per packet metadata. + */ + struct { + uint32_t set; + /**< Used by application to denote the fields it has set */ + uint32_t get; + /**< Used by application to denote the fields PMD should + * update back + */ + uint32_t updated; + /**< Used by PMD to denote the fields it has set */ + } mdata_flags; + /**< Flags to denote the usage of various fields in metadata */ + void *params; + /**< Device specific pointer */ +}; + /** * Create security session as specified by the session configuration * @@ -331,13 +373,25 @@ rte_security_session_destroy(struct rte_security_ctx *instance, struct rte_security_session *sess); /** - * Updates the buffer with device-specific defined metadata + * Updates the buffer with the security metadata. + * + * This metadata could be used by the application to set some protocol defined + * fields per packet. For such protocol defined fields, application can only + * request the PMD to set various values, and it will be upto the PMD to + * decide whether the provided values should be used or not. + * + * In addition, this could be used by the application to probe such per packet + * fields used in inline offload case. PMD would update the metadata field with + * what it would use, if the corresponding "get" flag is set. + * + * E.g. for inline IPsec mode, application could request a sequence number by + * setting "rte_security_mdata.ipsec.seq_no" field and the corresponding flag. + * Additionally, "rte_security_mdata.mdata_flags.get" would give application + * the ability to check the sequence number selected for the packet. * * @param instance security instance - * @param sess security session + * @param mdata security metadata * @param mb packet mbuf to set metadata on. - * @param params device-specific defined parameters - * required for metadata * * @return * - On success, zero. @@ -345,8 +399,8 @@ rte_security_session_destroy(struct rte_security_ctx *instance, */ int rte_security_set_pkt_metadata(struct rte_security_ctx *instance, - struct rte_security_session *sess, - struct rte_mbuf *mb, void *params); + struct rte_security_mdata *mdata, + struct rte_mbuf *mb); /** * Get userdata associated with the security session which processed the diff --git a/lib/librte_security/rte_security_driver.h b/lib/librte_security/rte_security_driver.h index bf0170e..662afa9 100644 --- a/lib/librte_security/rte_security_driver.h +++ b/lib/librte_security/rte_security_driver.h @@ -118,8 +118,7 @@ typedef int (*security_session_stats_get_t)(void *device, * - Returns -ve value for errors. */ typedef int (*security_set_pkt_metadata_t)(void *device, - struct rte_security_session *sess, struct rte_mbuf *m, - void *params); + struct rte_security_mdata *md, struct rte_mbuf *m); /** * Get application specific userdata associated with the security session which -- 2.7.4